11 Sep
2006
11 Sep
'06
2:50 p.m.
Alexander Nasonov wrote :
Don't say "generic" to people who care about security.
I don't see how generics are security issues. Could you explain that argument ? I don't see how generics are related to generic (code).
Compare template<class T> inline T max(T const& a, T const& b) { return a > b ? a : b; } and inline int max(int a, int b) { return a > b ? a : b; } When you use the first code, you should check that every T you pass to the max() has greater than with expected behavior, that copy ctors copies without side effects, etc (try to continue my list). With flexibility comes the danger. -- Alexander Nasonov